The U.S. Treasury Department has taken a significant step in the ongoing examination of communication practices among high-ranking officials by submitting a timeline of messages retrieved amidst growing scrutiny. Treasury Secretary Scott Bessent, as outlined by his acting general counsel, was made aware of a preservation memo on March 26. This memo highlighted his obligations concerning record preservation, leading to the extraction of messages from both Secretary Bessent and his chief of staff, Mr. Daniel Katz. The recovery process of the messages traced back to 1:48 PM EST on March 15, 2025.
Anthony, a legal representative involved in the case, noted that almost all relevant communications from the defendants were lost, particularly relating to a significant chat window that spanned from March 11 to March 15. This has raised concerns given that the only defendant who offered explicit insights into recoverable messages was unable to provide substantial evidence due to the loss.
Last month, the Department of Defense indicated its compliance efforts with regards to record preservation directives, mentioning that Secretary Hegseth’s communications team was instructed to transfer Signal messages to an official DOD account. However, further inquisition from the court necessitated clarity on these preservation efforts. The DOD responded by confirming that a search of Hegseth’s device was executed around March 27, underscoring that screenshots of existing Signal application messages were preserved.
Legal representatives for American Oversight have criticized the government’s initial declarations as “vague” and “incomplete,” prompting the court on April 4 to request more comprehensive details on the preservation efforts. New reporting suggested that multiple private Signal chat groups had been established by Waltz’s team, implicating potentially broader involvement from the defendants in this litigation.
As these developments unfold, the Department of Justice opposed court intervention, arguing that public members do not possess “enforceable rights” to contest the destruction of governmental records. The department maintained that a certain portion of chat records had already been committed to federal record-keeping systems by various agencies, suggesting compliance with existing protocols.
The revelations shared in court have revealed specific dates related to preservation actions taken across multiple agencies, including a notable search of Hegseth’s phone. The State Department confirmed that screenshots of chat logs from Marco Rubio’s phone were captured on March 27, while the Office of the Director of National Intelligence followed suit the next day on March 28. The CIA also confirmed it took a screenshot on March 31, although it later amended its earlier statements to clarify that the images primarily displayed the chat group’s title and participant details without capturing substantive messages.
American Oversight plans to extend its case to include further implications surrounding the extensive use of Signal by US officials within national security agencies. Their aim is to bolster arguments for transparency in government communications, highlighting potential threats to democracy stemming from insufficient retention of critical government records. As these issues develop, they serve as a reminder of the delicate balance between digital communication practices and the need for accountability in governance.
In light of these events, the use of adversarial tactics outlined in the MITRE ATT&CK framework may be relevant. These include initial access techniques utilized to breach communication archiving systems, as well as persistence measures to ensure continuity of access to vital government communications. The implications of these practices extend beyond data management to encompass broader issues of governance and transparency within the federal landscape.
